<?php

/***** Username check *****/

function checkUsername($inputname)
{
	$objResponse = new xajaxResponse();
	
	$bError = false;
	
	if (is_username_too_short($inputname))
	{
		$errorMsg = "用户名长度至少需要4位";
		$bError = true;
	}

	if(is_username_exist($inputname))
	{
		$errorMsg = "用户名已存在";
		$bError = true;
	}

	if ($bError)
	{
		$sForm ="<div class=\"form-error\">&nbsp;&nbsp;$errorMsg</div>";
		$sForm = iconv( "UTF-8", "GB2312//IGNORE" , $sForm);
		$objResponse->addAssign("checknamemsg","innerHTML",$sForm);
	}
	else
	{
		$sForm ="<div class=\"form-ok\">&nbsp;&nbsp;用户名可以使用</div>";
		$sForm = iconv( "UTF-8", "GB2312//IGNORE" , $sForm);
		$objResponse->addAssign("checknamemsg","innerHTML",$sForm);
	}
	
	return $objResponse;
}

function processRegForm($aFormValues)
{
	global $trdb;

	$objResponse = new xajaxResponse();
	
	$nError = false;
	$mError = false;
	$pError = false;

	$username = $aFormValues['username'];
	//$username = iconv( "UTF-8", "GB2312//IGNORE" , $username);
	$username = trim($username);
	$email = $aFormValues['email'];
	//$email = iconv( "UTF-8", "GB2312//IGNORE" , $email);
	$email = trim($email);
	$newPass1 = $aFormValues['newPass1'];
	//$newPass1 = iconv( "UTF-8", "GB2312//IGNORE" , $newPass1);
	$newPass2 = $aFormValues['newPass2'];
	//$newPass2 = iconv( "UTF-8", "GB2312//IGNORE" , $newPass2);
	
	$username = apply_filters($username);
	$email = apply_filters($email);

	if (is_username_too_short($username))
	{
		$errorMsg = "用户名长度至少需要4位";
		$nError = true;
	}

	if(is_username_exist($username))
	{
		$errorMsg = "用户名已存在";
		$nError = true;
	}

	if (!eregi("^[a-zA-Z0-9]+[_a-zA-Z0-9-]*(\.[_a-z0-9-]+)*@[a-z??????0-9]+(-[a-z??????0-9]+)*(\.[a-z??????0-9-]+)*(\.[a-z]{2,4})$", $email))
	{
		$errorMsg2 = "请输入一个有效的email地址.";
		$mError = true;
	}

	if (trim($newPass1) == "")
	{
		$errorMsg3 = "密码不能为空";
		$pError = true;
	}

	if (strlen(trim($newPass1)) < 6)
	{
		$errorMsg3 = "密码最少需要6位字符";
		$pError = true;
	}

	if ($newPass1 != $newPass2)
	{
		$errorMsg3 = "密码不一致";
		$pError = true;
	}

	if ($nError)
	{
		$sForm ="<div class=\"form-error\">&nbsp;&nbsp;$errorMsg</div>";
		$sForm = iconv( "UTF-8", "GB2312//IGNORE" , $sForm);
		$objResponse->addAssign("checknamemsg","innerHTML",$sForm);
	}
	else
	{
		$sForm ="";
		$sForm = iconv( "UTF-8", "GB2312//IGNORE" , $sForm);
		$objResponse->addAssign("checknamemsg","innerHTML",$sForm);
	}

	if ($mError)
	{
		$sForm ="<div class=\"form-error\">&nbsp;&nbsp;$errorMsg2</div>";
		$sForm = iconv( "UTF-8", "GB2312//IGNORE" , $sForm);
		$objResponse->addAssign("checkemailmsg","innerHTML",$sForm);
	}
	else
	{
		$sForm ="";
		$sForm = iconv( "UTF-8", "GB2312//IGNORE" , $sForm);
		$objResponse->addAssign("checkemailmsg","innerHTML",$sForm);
	}

	if ($pError)
	{
		$sForm ="<div class=\"form-error\">&nbsp;&nbsp;$errorMsg3</div>";
		$sForm = iconv( "UTF-8", "GB2312//IGNORE" , $sForm);
		$objResponse->addAssign("checkpassmsg","innerHTML",$sForm);
	}
	else
	{
		$sForm ="";
		$objResponse->addAssign("checkpassmsg","innerHTML",$sForm);
	}

	if (!$nError&&!$mError&&!$pError)
	{
		$username = $trdb->escape($username);
		$email = $trdb->escape($email);
		$newPass1 = $trdb->escape($newPass1);
		$md5_pass = md5($newPass1);
		$reg_date = date('Y-m-d H:i:s');
		$request = "INSERT INTO $trdb->users (user_login, user_pass, user_email, user_registered) VALUES ('$username', '$md5_pass', '$email', '$reg_date')";
		$trdb->query($request);

		// set cookie
		tr_setcookie($username, $newPass1);

		// return result
		/*
		$stylesheet_directory = bloginfo('stylesheet_directory',false);
		$sForm ="<H2><A href=\"".get_option('siteurl')."\">首页</A> &#187; 注册成功</H2>";
		$sForm .="<H3>欢迎您加入TripReader</H3>";
		$sForm .="<DIV align=center><DIV class=adsense-01>";
		$sForm .="<map name=\"regionMap\">";
		$sForm .="<area shape=\"rect\" coords=\"0, 0, 200, 100\" href=\"#1\" alt=\"分享、提交\"/>";
		$sForm .="<area shape=\"rect\" coords=\"265, 0, 465, 100\" href=\"#2\" alt=\"收藏、推选\" />";
		$sForm .="<area shape=\"rect\" coords=\"527, 0, 725, 100\" href=\"#3\" alt=\"个人旅行计划\" />";
		$sForm .="</map>";
		$sForm .="<IMG height=100 usemap=\"#regionMap\" alt=\"TripReader 使用介绍\" src=\"".$stylesheet_directory."/img/intro.gif\" width=728 border=0>";
		$sForm .="</DIV></DIV>";
		$objResponse->addAssign("formz","innerHTML",$sForm);
		$objResponse->addAssign("user-top","innerHTML","<SPAN><A href=\"./?profile\">我的收藏</A></SPAN><SPAN onclick=\"javascript:xajax_logoutFunc();\"><A href=\"#logout\">注销</A></SPAN>");*/

		// redirect
		if ( isset($_REQUEST['redirect_to']) )
			//$redirect_to = preg_replace('|[^a-z0-9-~+_.?#=&;,/:]|i', '', $_REQUEST['redirect_to']);
			$redirect_to = $_REQUEST['redirect_to'];
		else
			$redirect_to = get_option('siteurl');
		
		$objResponse->addScript("location='$redirect_to';");
	}
	else
	{
	    $sForm = "创建新账号";
		$sForm = iconv( "UTF-8", "GB2312//IGNORE" , $sForm);
		$objResponse->addAssign("submitButton","value",$sForm);
		$objResponse->addAssign("submitButton","disabled",false);
	}
	
	return $objResponse;
}

function logoutFunc(){
	$objResponse = new xajaxResponse();
	
	tr_logout();

	$siteurl = get_option('siteurl');

	$sForm ="<SPAN><A href=\"./?register\">注册</A></SPAN><SPAN><A href=\"./?login\">登录</A></SPAN>";
    $sForm = iconv( "UTF-8", "GB2312//IGNORE" , $sForm);
	$objResponse->addAssign("user-top","innerHTML",$sForm);
	$objResponse->addScript("location='$siteurl';");

	return $objResponse;
}

function processLoginForm($aFormValues)
{
	global $error;

	$objResponse = new xajaxResponse();

	$username = $aFormValues['username'];
	//$username = iconv( "UTF-8", "GB2312//IGNORE" , $username);
	$username = trim($username);
	$password = $aFormValues['password'];
	//$password = iconv( "UTF-8", "GB2312//IGNORE" , $password);
	$password = trim($password);

	$username = apply_filters($username);
	$password = apply_filters($password);

	if(tr_login($username, $password)) {
		// set cookie
		tr_setcookie($username, $password);

		// redirect
		if ( isset($_REQUEST['redirect_to']) )
			//$redirect_to = preg_replace('|[^a-z0-9-~+_.?#=&;,/:]|i', '', $_REQUEST['redirect_to']);
			$redirect_to = $_REQUEST['redirect_to'];
		else
			$redirect_to = get_option('siteurl');
		
		$objResponse->addScript("location='$redirect_to';");
	}
	else{
		$sForm ="<div class=\"form-error\">&nbsp;&nbsp;$error</div>";
		$objResponse->addAssign("errormsg","innerHTML",$sForm);
		$objResponse->addAssign("submitButton","value",iconv( "UTF-8", "GB2312//IGNORE" , "登录"));
		$objResponse->addAssign("submitButton","disabled",false);
	}

	return $objResponse;
}

function processSubmitForm($aFormValues)
{
	$pError = false;

	$objResponse = new xajaxResponse();

	$url = $aFormValues['submiturl'];
	//$url = iconv( "UTF-8", "GB2312//IGNORE" , $url);
	$url = trim($url);
	$url = apply_filters($url);
	$addonurlcount = $aFormValues['addonurlcount'];
	$addonurlcount = apply_filters($addonurlcount);

	if (!check_url_format($url))
	{
		$errorMsg = "请输入正确的URL地址";
		$pError = true;
	}

	if ($pError)
	{
		$objResponse->addAssign("submit1","value",iconv( "UTF-8", "GB2312//IGNORE" , "继续>>"));
		$objResponse->addAssign("submit1","disabled",false);
		$sForm ="<div class=\"form-error\">&nbsp;&nbsp;$errorMsg</div>";
		$objResponse->addAssign("errormsg","innerHTML",$sForm);
	}
	else{
		$sForm = "<p class=\"l-top\">";
		$sForm .="<label for=\"url\" accesskey=\"1\">地址(URL):</label>";
		$sForm .= "<br /><a href=\"$url\" class=\"simple\" id=\"url\" target=_blank>$url</a>";

		//get all submitted urls
		$in = 1;
		for($i=1;$i<=$addonurlcount;$i++)
		{
			if(isset($aFormValues['submiturl'.$i])){
				if ($aFormValues['submiturl'.$i] != 'http://' && $aFormValues['submiturl'.$i] != "https://"
				&& $aFormValues['submiturl'.$i] != "" && $aFormValues['submiturl'.$i] != $aFormValues['submiturl'])
				{
					$addonurl[$in] = $aFormValues['submiturl'.$i];
					$addonurl[$in] = iconv( "UTF-8", "GB2312//IGNORE" , $addonurl[$in]);
					$addonurl[$in] = trim($addonurl[$in]);
					$addonurl[$in] = apply_filters($addonurl[$in]);
					$sForm .= "<br /><a href=\"$addonurl[$in]\" class=\"simple\" id=\"url\" target=_blank>$addonurl[$in]</a>";
					$in++;
				}
			}
		}
		
		$sForm .= "</p>";
		$sForm = iconv( "UTF-8", "GB2312//IGNORE" , $sForm);
		$objResponse->addAssign("submitform1","innerHTML",$sForm);

		$sForm2 = "<form id=\"submitForm2\" action=\"javascript:void(null);\" onsubmit=\"submitPost2();\">";
		$sForm2.= "<fieldset><legend>文章简介 (步骤 2 of 2)</legend>";
		$sForm2.= "<br/><span class=\"l-mid\">";
		$sForm2.= "<label for=\"title\" accesskey=\"2\">标题:</label><br />";
		$sForm2.= "<span class=\"form-note\">给你提交的文章一个标题. (最多 75 字符)</span></span>";
		$sForm2.= "<input type=\"text\" id=\"title\" name=\"title\" value=\"\" size=\"60\" maxlength=\"75\" /><br />";
		$sForm2.= "<span id=\"checktitlemsg\"></span>";

		$sForm2.= "<p class=\"l-mid\">";
		$sForm2.= "<label for=\"bodytext\" accesskey=\"3\">简介:</label>";
		$sForm2.= "<span class=\"form-note\">给你提交的文章一个简单描述,可以是拷贝文章开头的几句话,或者是你自己的评论.</span>";
		$sForm2.= "<textarea name=\"bodytext\" rows=\"10\" cols=\"60\" id=\"bodytext\"></textarea></p>";
		$sForm2.= "<span id=\"checkdesmsg\"></span>";

		$sForm2.= "<p class=\"l-mid\">";
		$sForm2.= "<label for=\"category\" accesskey=\"6\">标签:</label>";
		$sForm2.= "<br /><span class=\"form-note\">输入标签名称.(用空格分割)</span>";
		$sForm2.= "<input type=\"text\" id=\"place\" name=\"place\" value=\"\" size=\"60\" /></p>";
		$sForm2.= "<span id=\"checkplacemsg\"></span>";
		$sForm2.= "</fieldset>";

		$sForm2.= "<fieldset>";
		$sForm2.= "<legend>人类验证系统</legend>";
		$sForm2.= "<p class=\"l-mid\">";
		$sForm2.= "<label for=\"captcha\" accesskey=\"7\">请输入您看到的数字:</label><br />";
		$sForm2.= "<input type=\"text\" name=\"captchatext\" id=\"captchatext\" value=\"\" style=\"vertical-align: top;\" size=\"8\" maxlength=\"4\"/> ";
		$sForm2.= "<img src=\"".get_option('siteurl')."/tr-themes/checkbox.php?act=yes\" align=\"absmiddle\" class=\"captcha\" alt=\"有问题请联系 ".get_option('admin_email')."\" /></p>";
		$sForm2.= "<span id=\"checkcaptchamsg\"></span>";
		$sForm2.= "</fieldset>";

		$sForm2.= "<fieldset>";
		$sForm2.= "<legend>是否收藏?</legend>";
		$sForm2.= "<p class=\"l-mid\">";
		$sForm2.= "<input type=\"checkbox\" name=\"diglink\" checked=\"checked\">";
		$sForm2.= "<label for=\"diglink\" accesskey=\"1\">提交后自动收藏该文章</label><br />";
		$sForm2.= "</p>";
		$sForm2.= "</fieldset>";
		
		$sForm2.= "<input type=\"hidden\" name=\"url\" value=\"$url\">";
		for($i=1;isset($addonurl[$i]);$i++)
		{
			$sForm2 .= "<input type=\"hidden\" name=\"url".$i."\" value=\"".$addonurl[$i]."\">";
		}

		$sForm2.= "<input type=\"submit\" name=\"submit2\" value=\" 提交 \" >";
		$sForm2.= "</form>";
		
	    $sForm2 = iconv( "UTF-8", "GB2312//IGNORE" , $sForm2);

		$objResponse->addAssign("submitdetail","innerHTML",$sForm2);
	}

	return $objResponse;
}

function processSubmitForm2($aFormValues)
{
	global $trdb;

	$tError = false;
	$dError = false;
	$pError = false;
	$cError = false;
	$terrorMsg = "";
	$derrorMsg = "";
	$perrorMsg = "";
	$cerrorMsg = "";

	$objResponse = new xajaxResponse();

	$title = $aFormValues['title'];
	//$title = iconv( "UTF-8", "GB2312//IGNORE" , $title);
	$title = trim($title);
	$des = $aFormValues['bodytext'];
	//$des = iconv( "UTF-8", "GB2312//IGNORE" , $des);
	$place = $aFormValues['place'];
	//$place = iconv( "UTF-8", "GB2312//IGNORE" , $place);
	$place = trim($place);
	$url = $aFormValues['url'];
	//$url = iconv( "UTF-8", "GB2312//IGNORE" , $url);
	$url = trim($url);
	$url = apply_filters($url);

	//get all submitted urls
	for($i=1;isset($aFormValues['url'.$i]);$i++)
	{
		$addonurl[$i] = $aFormValues['url'.$i];
		//$addonurl[$i] = iconv( "UTF-8", "GB2312//IGNORE" , $addonurl[$i]);
		$addonurl[$i] = trim($addonurl[$i]);
		$addonurl[$i] = apply_filters($addonurl[$i]);
	}
	$diglink = $aFormValues['diglink'];
	$title = apply_filters($title);
	$des = filter_bodytext($des);
	$place = apply_filters($place);
	$url = apply_filters($url);
	$captchatext = $aFormValues['captchatext'];

	if ($title == "")
	{
		$terrorMsg = "标题不能为空";
		$tError = true;
	}
	if ($des == "")
	{
		$derrorMsg = "简介不能为空";
		$dError = true;
	}
	if ($place == "")
	{
		$perrorMsg = "标签不能为空";
		$pError = true;
	}
	session_start();
	if ($_SESSION['auth'] != $captchatext)
	{
		$cerrorMsg = "请重新输入您看到的数字";
		$cError = true;
	}

	if ($tError)
	{
		$sForm ="<div class=\"form-error\">&nbsp;&nbsp;$terrorMsg</div>";
		$sForm = iconv( "UTF-8", "GB2312//IGNORE" , $sForm);
		$objResponse->addAssign("checktitlemsg","innerHTML",$sForm);
	}
	else
	{
		$sForm ="";
		$sForm = iconv( "UTF-8", "GB2312//IGNORE" , $sForm);
		$objResponse->addAssign("checktitlemsg","innerHTML",$sForm);
	}

	if ($dError)
	{
		$sForm ="<div class=\"form-error\">&nbsp;&nbsp;$derrorMsg</div>";
		$sForm = iconv( "UTF-8", "GB2312//IGNORE" , $sForm);
		$objResponse->addAssign("checkdesmsg","innerHTML",$sForm);
	}
	else
	{
		$sForm ="";
		$sForm = iconv( "UTF-8", "GB2312//IGNORE" , $sForm);
		$objResponse->addAssign("checkdesmsg","innerHTML",$sForm);
	}

	if ($pError)
	{
		$sForm ="<div class=\"form-error\">&nbsp;&nbsp;$perrorMsg</div>";
		$sForm = iconv( "UTF-8", "GB2312//IGNORE" , $sForm);
		$objResponse->addAssign("checkplacemsg","innerHTML",$sForm);
	}
	else
	{
		$sForm ="";
		$sForm = iconv( "UTF-8", "GB2312//IGNORE" , $sForm);
		$objResponse->addAssign("checkplacemsg","innerHTML",$sForm);
	}

	if ($cError)
	{
		$sForm ="<div class=\"form-error\">&nbsp;&nbsp;$cerrorMsg</div>";
		$sForm = iconv( "UTF-8", "GB2312//IGNORE" , $sForm);
		$objResponse->addAssign("checkcaptchamsg","innerHTML",$sForm);
	}
	else
	{
		$sForm ="";
		$sForm = iconv( "UTF-8", "GB2312//IGNORE" , $sForm);
		$objResponse->addAssign("checkcaptchamsg","innerHTML",$sForm);
	}

	// get user data
	$user_login = $_COOKIE['tripreaderuser_' . COOKIEHASH];
	$user = get_userdatabylogin($user_login);
	$post_author = $user->ID;

	// get diglink check value
	if($diglink=='on')
		$favor_count = 1;
	else
		$favor_count = 0;

	if (!$tError&&!$dError&&!$pError&&!$cError)
	{
		$title = $trdb->escape($title);
		$des = $trdb->escape($des);
		$url = $trdb->escape($url);
		$post_date = date('Y-m-d H:i:s');
		$guid = create_guid_old();
		$request = "INSERT INTO $trdb->posts (post_author, post_date, post_content, post_title, post_url, favor_count, guid, post_favor_date) VALUES ('$post_author', '$post_date', '$des', '$title','$url',$favor_count,'$guid', '$post_date')";
		$trdb->query($request);

		$request2 = "SELECT ID FROM $trdb->posts WHERE guid='$guid'";
		$post_id = $trdb->get_var($request2);

		// insert place tag related
		updateTags($post_id,$place);
		//$objResponse->addAlert($post_id);

		// insert addon URLs
		for($i=1;isset($addonurl[$i]);$i++)
		{
			$request3 = "INSERT INTO $trdb->postaddurl (post_id, post_url) VALUES ($post_id, '$addonurl[$i]')";
			$trdb->query($request3);
		}

		// insert the post to user's favor if diglink equal 'on'
		if ($diglink == 'on')
		{
			add_to_favor($post_author,$post_id);
		}

		$queue_url = get_option('siteurl');
		$objResponse->addScript("location='$queue_url';");
	}
	else{
		$objResponse->addAssign("submit2","value",iconv( "UTF-8", "GB2312//IGNORE" , "提交"));
		$objResponse->addAssign("submit2","disabled",false);
	}

	return $objResponse;
}

function processSubmitForm3($aFormValues)
{
	global $trdb;

	$uError = false;
	$tError = false;
	$dError = false;
	$pError = false;
	$cError = false;
	$uerrorMsg = "";
	$terrorMsg = "";
	$derrorMsg = "";
	$perrorMsg = "";
	$cerrorMsg = "";

	$objResponse = new xajaxResponse();

	$title = $aFormValues['title'];
	//$title = iconv( "UTF-8", "GB2312//IGNORE" , $title);
	$title = trim($title);
	$des = $aFormValues['bodytext'];
	//$des = iconv( "UTF-8", "GB2312//IGNORE" , $des);
	$place = $aFormValues['place'];
	//$place = iconv( "UTF-8", "GB2312//IGNORE" , $place);
	$place = trim($place);
	$url = $aFormValues['url'];
	//$url = iconv( "UTF-8", "GB2312//IGNORE" , $url);
	$url = trim($url);
	$url = apply_filters($url);

	if(isset($aFormValues['diglink']))
		$diglink = $aFormValues['diglink'];
	else
		$diglink = "";
	$title = apply_filters($title);
	$des = filter_bodytext($des);
	$place = apply_filters($place);
	$url = apply_filters($url);
	$captchatext = $aFormValues['captchatext'];

	if (!check_url_format($url))
	{
		$uerrorMsg = "请输入正确的URL地址";
		$uError = true;
	}
	if ($title == "")
	{
		$terrorMsg = "标题不能为空";
		$tError = true;
	}
	if ($des == "")
	{
		$derrorMsg = "简介不能为空";
		$dError = true;
	}
	if ($place == "")
	{
		$perrorMsg = "标签不能为空";
		$pError = true;
	}
	session_start();
	if ($_SESSION['auth'] != $captchatext)
	{
		$cerrorMsg = "请重新输入您看到的数字";
		$cError = true;
	}

	if ($uError)
	{
		$sForm ="<div class=\"form-error\">&nbsp;&nbsp;$uerrorMsg</div>";
		$sForm = iconv( "UTF-8", "GB2312//IGNORE" , $sForm);
		$objResponse->addAssign("checkurlmsg","innerHTML",$sForm);
	}
	else
	{
		$sForm ="";
		$sForm = iconv( "UTF-8", "GB2312//IGNORE" , $sForm);
		$objResponse->addAssign("checkurlmsg","innerHTML",$sForm);
	}

	if ($tError)
	{
		$sForm ="<div class=\"form-error\">&nbsp;&nbsp;$terrorMsg</div>";
		$sForm = iconv( "UTF-8", "GB2312//IGNORE" , $sForm);
		$objResponse->addAssign("checktitlemsg","innerHTML",$sForm);
	}
	else
	{
		$sForm ="";
		$sForm = iconv( "UTF-8", "GB2312//IGNORE" , $sForm);
		$objResponse->addAssign("checktitlemsg","innerHTML",$sForm);
	}

	if ($dError)
	{
		$sForm ="<div class=\"form-error\">&nbsp;&nbsp;$derrorMsg</div>";
		$sForm = iconv( "UTF-8", "GB2312//IGNORE" , $sForm);
		$objResponse->addAssign("checkdesmsg","innerHTML",$sForm);
	}
	else
	{
		$sForm ="";
		$sForm = iconv( "UTF-8", "GB2312//IGNORE" , $sForm);
		$objResponse->addAssign("checkdesmsg","innerHTML",$sForm);
	}

	if ($pError)
	{
		$sForm ="<div class=\"form-error\">&nbsp;&nbsp;$perrorMsg</div>";
		$sForm = iconv( "UTF-8", "GB2312//IGNORE" , $sForm);
		$objResponse->addAssign("checkplacemsg","innerHTML",$sForm);
	}
	else
	{
		$sForm ="";
		$sForm = iconv( "UTF-8", "GB2312//IGNORE" , $sForm);
		$objResponse->addAssign("checkplacemsg","innerHTML",$sForm);
	}

	if ($cError)
	{
		$sForm ="<div class=\"form-error\">&nbsp;&nbsp;$cerrorMsg</div>";
		$sForm = iconv( "UTF-8", "GB2312//IGNORE" , $sForm);
		$objResponse->addAssign("checkcaptchamsg","innerHTML",$sForm);
	}
	else
	{
		$sForm ="";
		$sForm = iconv( "UTF-8", "GB2312//IGNORE" , $sForm);
		$objResponse->addAssign("checkcaptchamsg","innerHTML",$sForm);
	}

	// get user data
	$user_login = $_COOKIE['tripreaderuser_' . COOKIEHASH];
	$user = get_userdatabylogin($user_login);
	$post_author = $user->ID;

	// get diglink check value
	if($diglink=='on')
		$favor_count = 1;
	else
		$favor_count = 0;

	if (!$tError&&!$dError&&!$pError&&!$cError)
	{
		$title = $trdb->escape($title);
		$des = $trdb->escape($des);
		$url = $trdb->escape($url);
		$post_date = date('Y-m-d H:i:s');
		$guid = create_guid_old();
		$request = "INSERT INTO $trdb->posts (post_author, post_date, post_content, post_title, post_url, favor_count, guid, post_favor_date) VALUES ('$post_author', '$post_date', '$des', '$title','$url',$favor_count,'$guid', '$post_date')";
		$trdb->query($request);

		$request2 = "SELECT ID FROM $trdb->posts WHERE guid='$guid'";
		$post_id = $trdb->get_var($request2);

		// insert place tag related
		updateTags($post_id,$place);
		//$objResponse->addAlert($post_id);

		// insert addon URLs
		/*
		for($i=1;isset($addonurl[$i]);$i++)
		{
			$request3 = "INSERT INTO $trdb->postaddurl (post_id, post_url) VALUES ($post_id, '$addonurl[$i]')";
			$trdb->query($request3);
		}*/

		// insert the post to user's favor if diglink equal 'on'
		if ($diglink == 'on')
		{
			add_to_favor($post_author,$post_id);
		}

		$objResponse->addScript("location='$url';");
	}
	else{
		$objResponse->addAssign("submit3","value",iconv( "UTF-8", "GB2312//IGNORE" , "提交"));
		$objResponse->addAssign("submit3","disabled",false);
	}

	return $objResponse;
}

function addUrlInput($url_count){
	$objResponse = new xajaxResponse();
	
	$url_count++;
	$addoninput = "<input type=\"text\" name=\"submiturl".$url_count."\" id=\"submiturl".$url_count."\" value=\"http://\" class=\"form-full\" />";
	$addoninput .= " <SPAN id=removeurl".$url_count." class=cursor_pointer onclick=\"javascript:xajax_removeUrlInput($url_count);\"><IMG border=0 align=absmiddle  src='".bloginfo('stylesheet_directory',false)."/img/remove-small.gif'/></SPAN>";
	$objResponse->addAppend("addonurl","innerHTML",$addoninput);

	$spanurlcount = "<input type=\"hidden\" name=\"addonurlcount\" id=\"addonurlcount\" value=\"".$url_count."\">";
	$spanurlcount = iconv( "UTF-8", "GB2312//IGNORE" , $spanurlcount);
	$objResponse->addAssign("spanurlcount","innerHTML",$spanurlcount);
	
	//$objResponse->addAlert($url_count);

	return $objResponse;
}

function removeUrlInput($url_count){
	$objResponse = new xajaxResponse();
	
	$input_id = 'submiturl'.$url_count;
	$span_id = 'removeurl'.$url_count;
	$objResponse->addRemove($input_id);
	$objResponse->addRemove($span_id);
	
	//$objResponse->addAlert($url_count);

	return $objResponse;
}

/***** Add Reported Post Problem to tr_postproblem *****/

function reportProblem($post_id,$user_id,$problem_id)
{
	global $trdb;

	$objResponse = new xajaxResponse();

	$request1 = "SELECT count(rel_id) FROM $trdb->postproblem WHERE post_id=$post_id AND user_id=$user_id AND problem_id=$problem_id";
	$number = $trdb->get_var($request1);

	if($number == 0){
		$post_date = date('Y-m-d H:i:s');
		$request = "INSERT INTO $trdb->postproblem (post_id,user_id, problem_id,submit_date) VALUES ('$post_id','$user_id', '$problem_id', '$post_date')";
		$trdb->query($request);
	}

	$objResponse->addAlert(iconv( "UTF-8", "GB2312//IGNORE" , "谢谢,您的反馈信息已经被发送给管理员。"));

	return $objResponse;
}

/***** Add Reported Post Problem to tr_postproblem *****/

function processFavorit($post_id)
{
	global $trdb;

	$objResponse = new xajaxResponse();

	if(need_auth())
	{
		$objResponse->addScript("location='". get_settings('siteurl') . '/?login&redirect_to=' . urlencode($_SERVER['REQUEST_URI'])."';");
	}
	else
	{
		$post_author = get_currentuserid(false);

		$request0 = "SELECT COUNT(rel_id) FROM $trdb->post2user WHERE post_id=$post_id AND user_id=$post_author";
		$row_number = $trdb->get_var($request0);

		if($row_number==0) {
			// add post_id rel to user_id in table post2user
			add_to_favor($post_author,$post_id);

			// add 1 count to favor_count in table posts
			$post_favor_date = date('Y-m-d H:i:s');
			$request = "UPDATE $trdb->posts SET favor_count = favor_count+1, post_favor_date='$post_favor_date' WHERE ID=$post_id";
			$trdb->query($request);
			
			// trigger post_favor = 'yes' when favor_count reachs favor_count_to_home in table tr_option
			$favor_count_to_home = get_option('favor_count_to_home');
			$request2 = "SELECT favor_count FROM $trdb->posts WHERE ID=$post_id AND post_favor='no'";
			$favor_count = $trdb->get_var($request2);
			if(!empty($favor_count) && ($favor_count >= $favor_count_to_home)){
				$post_favor_date = date('Y-m-d H:i:s');
				$request3 = "UPDATE $trdb->posts SET post_favor='yes', post_favor_date='$post_favor_date' WHERE ID=$post_id";
				$trdb->query($request3);
			}
		}
	}
	//$objResponse->addAlert($post_author);

	return $objResponse;
}

function processEditPostForm($aFormValues)
{
	global $trdb;

	$uError = false;
	$tError = false;
	$dError = false;
	$pError = false;
	$uerrorMsg = "";
	$terrorMsg = "";
	$derrorMsg = "";
	$perrorMsg = "";

	$objResponse = new xajaxResponse();

	$url = $aFormValues['submiturl'];
	//$url = iconv( "UTF-8", "GB2312//IGNORE" , $url);
	$url = trim($url);
	$url = apply_filters($url);

	$post_id = $aFormValues['post_id'];
	$post_id = trim($post_id);
	$post_id = apply_filters($post_id);

	$addonurlcount = $aFormValues['addonurlcount'];
	$addonurlcount = apply_filters($addonurlcount);

	$title = $aFormValues['title'];
	//$title = iconv( "UTF-8", "GB2312//IGNORE" , $title);
	$title = trim($title);
	$des = $aFormValues['bodytext'];
	//$des = iconv( "UTF-8", "GB2312//IGNORE", $des);

	//$des = mb_convert_encoding($des, "gb2312", "UTF-8");

	$place = $aFormValues['place'];
	//$place = iconv( "UTF-8", "GB2312//IGNORE" , $place);
	$place = trim($place);

	$title = apply_filters($title);
	$des = filter_bodytext($des);
	$place = apply_filters($place);

	//get all submitted urls
	$in = 1;
	for($i=1;$i<=$addonurlcount;$i++)
	{
		if(isset($aFormValues['submiturl'.$i])){
			if ($aFormValues['submiturl'.$i] != 'http://' && $aFormValues['submiturl'.$i] != "https://"
			&& $aFormValues['submiturl'.$i] != "" && $aFormValues['submiturl'.$i] != $aFormValues['submiturl'])
			{
				$addonurl[$in] = $aFormValues['submiturl'.$i];
				//$addonurl[$in] = iconv( "UTF-8", "GB2312//IGNORE" , $addonurl[$in]);
				$addonurl[$in] = trim($addonurl[$in]);
				$addonurl[$in] = apply_filters($addonurl[$in]);
				$sForm .= "<br /><a href=\"$addonurl[$in]\" class=\"simple\" id=\"url\" target=_blank>$addonurl[$in]</a>";
				$in++;
			}
		}
	}

	if (!check_url_format($url))
	{
		$uerrorMsg = "请输入正确的URL地址";
		$uError = true;
	}
	if ($title == "")
	{
		$terrorMsg = "标题不能为空";
		$tError = true;
	}
	if ($des == "")
	{
		$derrorMsg = "简介不能为空";
		$dError = true;
	}
	if ($place == "")
	{
		$perrorMsg = "标签不能为空";
		$pError = true;
	}

	if ($uError)
	{
		$objResponse->addAssign("submit1","value",iconv( "UTF-8", "GB2312//IGNORE" , "继续>>"));
		$objResponse->addAssign("submit1","disabled",false);
		$sForm ="<div class=\"form-error\">&nbsp;&nbsp;$uerrorMsg</div>";
		$sForm = iconv( "UTF-8", "GB2312//IGNORE" , $sForm);
		$objResponse->addAssign("checkurlmsg","innerHTML",$sForm);
	}
	else
	{
		$sForm ="";
		$sForm = iconv( "UTF-8", "GB2312//IGNORE" , $sForm);
		$objResponse->addAssign("checkurlmsg","innerHTML",$sForm);
	}

	if ($tError)
	{
		$sForm ="<div class=\"form-error\">&nbsp;&nbsp;$terrorMsg</div>";
		$sForm = iconv( "UTF-8", "GB2312//IGNORE" , $sForm);
		$objResponse->addAssign("checktitlemsg","innerHTML",$sForm);
	}
	else
	{
		$sForm ="";
		$sForm = iconv( "UTF-8", "GB2312//IGNORE" , $sForm);
		$objResponse->addAssign("checktitlemsg","innerHTML",$sForm);
	}

	if ($dError)
	{
		$sForm ="<div class=\"form-error\">&nbsp;&nbsp;$derrorMsg</div>";
		$sForm = iconv( "UTF-8", "GB2312//IGNORE" , $sForm);
		$objResponse->addAssign("checkdesmsg","innerHTML",$sForm);
	}
	else
	{
		$sForm ="";
		$sForm = iconv( "UTF-8", "GB2312//IGNORE" , $sForm);
		$objResponse->addAssign("checkdesmsg","innerHTML",$sForm);
	}

	if ($pError)
	{
		$sForm ="<div class=\"form-error\">&nbsp;&nbsp;$perrorMsg</div>";
		$sForm = iconv( "UTF-8", "GB2312//IGNORE" , $sForm);
		$objResponse->addAssign("checkplacemsg","innerHTML",$sForm);
	}
	else
	{
		$sForm ="";
		$sForm = iconv( "UTF-8", "GB2312//IGNORE" , $sForm);
		$objResponse->addAssign("checkplacemsg","innerHTML",$sForm);
	}

	if (!$tError&&!$dError&&!$pError&&!$uError)
	{
		$title = $trdb->escape($title);
		$des = $trdb->escape($des);
		$url = $trdb->escape($url);
		$post_id = $trdb->escape($post_id);
		$post_date = date('Y-m-d H:i:s');
		//$objResponse->addAlert($title);
		
		$request = "UPDATE $trdb->posts SET post_modified='$post_date', post_content='$des', post_title='$title', post_url='$url' WHERE ID=$post_id";
		$trdb->query($request);

		// delete already tags related
		delTagRelated($post_id);
		// insert place tag related
		updateTags($post_id,$place);

		// delete already added addon urls
		$request2 = "DELETE FROM $trdb->postaddurl WHERE post_id = $post_id";
		$trdb->query($request2);

		// insert addon URLs
		for($i=1;isset($addonurl[$i]);$i++)
		{
			$request3 = "INSERT INTO $trdb->postaddurl (post_id, post_url) VALUES ($post_id, '$addonurl[$i]')";
			$trdb->query($request3);
		}

		//$redirect_to = get_option('siteurl')."/?q=$post_id";
		//$redirect_to = get_option('siteurl');// redirect
		if ( isset($_REQUEST['redirect_to']) )
			//$redirect_to = preg_replace('|[^a-z0-9-~+_.?#=&;,/:]|i', '', $_REQUEST['redirect_to']);
			$redirect_to = $_REQUEST['redirect_to'];
		else
			$redirect_to = get_option('siteurl')."/?q=$post_id";
		
		//$objResponse->addAlert($des);
		$objResponse->addScript("location='$redirect_to';");
	}
	else{
		$objResponse->addAssign("submit1","value",iconv( "UTF-8", "GB2312//IGNORE" , "提交"));
		$objResponse->addAssign("submit1","disabled",false);
	}

	return $objResponse;
}

function hidePost($post_id)
{
	global $trdb;
	$objResponse = new xajaxResponse();
	
	if (user_can_hide_post()) {
		$request = "UPDATE $trdb->posts SET post_status='problem' WHERE ID=$post_id";
		$trdb->query($request);
	
		$objResponse->addAlert(iconv( "UTF-8", "GB2312//IGNORE" , '隐藏该文章成功！'));
	}
	
	return $objResponse;
}

function hideComment($comment_id)
{
	global $trdb;
	$objResponse = new xajaxResponse();
	
	if (user_can_hide_post()) {
		$request = "UPDATE $trdb->comments SET comment_approved='spam' WHERE comment_ID=$comment_id";
		$trdb->query($request);
	
		$objResponse->addAlert(iconv( "UTF-8", "GB2312//IGNORE" , '隐藏该评论成功！'));
	}
	
	return $objResponse;
}

function processCommentForm($aFormValues)
{
	global $trdb;

	$aError = false;
	$bError = false;
	$errorMsg = "";

	$objResponse = new xajaxResponse();

	$comment_content = $aFormValues['comment'];
	//$comment_content = iconv( "UTF-8", "GB2312//IGNORE" , $comment_content);
	$comment_content = filter_bodytext($comment_content);

	$captchatext = $aFormValues['captchatext'];

	$post_id = $aFormValues['post_id'];
	$post_id = trim($post_id);
	$post_id = apply_filters($post_id);

	$post_type = $aFormValues['post_type'];
	$post_type = trim($post_type);
	$post_type = apply_filters($post_type);
	if($post_type=='plan')
		$comment_type = 'plan';
	else
		$comment_type = 'trip';

	$user_id = get_currentuserid(false);

	if ($comment_content == "")
	{
		$errorMsg .= "请输入评论内容. ";
		$aError = true;
	}
	session_start();
	if ($_SESSION['auth'] != $captchatext)
	{
		$errorMsg .= "请重新输入您看到的数字.";
		$bError = true;
	}

	if (!$aError&&!$bError)
	{

		$post_id = $trdb->escape($post_id);
		$user_id = $trdb->escape($user_id);
		$post_date = date('Y-m-d H:i:s');
		//$objResponse->addAlert($user_id);
		
		$request = "INSERT INTO $trdb->comments (comment_post_id, comment_user_id, comment_date, comment_content, comment_type) VALUES ($post_id, $user_id, '$post_date', '$comment_content', '$comment_type')";
		$trdb->query($request);

		$comment_date_past = get_past_time($post_date);
		$the_comment_author = get_name_by_id($user_id,false);
		$comment_author_url = get_option('siteurl')."/?user=".$the_comment_author;
		$comment_li = "<span class=\"c-normal\" id=\"c_new\">by <strong><a href=\"$comment_author_url\">$the_comment_author</a></strong>";
		$comment_li .= " <span class=viaurl><a href=\"#c_new\">$comment_date_past</a></span> </div>";
		$comment_li .= "<br />";
		$comment_li .= "$comment_content<br /><br /></li>";

		$comment_li = iconv( "UTF-8", "GB2312//IGNORE" , $comment_li);
		$objResponse->addAppend("oc","innerHTML",$comment_li);
		
		$objResponse->addAssign("submit1","value",iconv( "UTF-8", "GB2312//IGNORE" , "提交"));
		$objResponse->addAssign("submit1","disabled",false);
		$objResponse->addAssign("captchatext","value","");
		$objResponse->addAssign("comment","value","");
		//clear error msg
		$sForm ="";
		$sForm = iconv( "UTF-8", "GB2312//IGNORE" , $sForm);
		$objResponse->addAssign("errormsg","innerHTML",$sForm);
	}
	else{
		$sForm ="<div class=\"form-error\">&nbsp;&nbsp;$errorMsg</div>";
		$sForm = iconv( "UTF-8", "GB2312//IGNORE" , $sForm);
		$objResponse->addAssign("errormsg","innerHTML",$sForm);
		$objResponse->addAssign("submit1","value",iconv( "UTF-8", "GB2312//IGNORE" , "提交"));
		$objResponse->addAssign("submit1","disabled",false);
	}

	return $objResponse;
}

function promotePost($post_id)
{
	global $trdb;
	$objResponse = new xajaxResponse();
	
	if (user_can_hide_post()) {
		
		$post_favor_date = date('Y-m-d H:i:s');
		$request3 = "UPDATE $trdb->posts SET post_favor='yes', post_favor_date='$post_favor_date' WHERE ID=$post_id";
		$trdb->query($request3);
	
		$objResponse->addAlert(iconv( "UTF-8", "GB2312//IGNORE" , '推选该文章成功！'));
	}
	
	return $objResponse;
}

function editProfile(){
	global $user;
	$objResponse = new xajaxResponse();

	$blog_url = $user->user_blog;
	if($blog_url=="") $blog_url="http://";
	
	$output = "<form id=\"submitForm1\" action=\"javascript:void(null);\" onsubmit=\"submitEditProfile();\">";
	$output .= "<FIELDSET><LEGEND><SPAN class=sign>编辑个人资料</SPAN></LEGEND>";
	$output .= "<P class=l-mid><LABEL for=homepage>邮件地址（只有管理员可见）:</LABEL><BR>";
	$output .= "<INPUT id=email tabIndex=6 value=".$user->user_email." name=email size=25></P>";
	$output .= "<P class=l-mid><label for=\"homepage\">博客地址:</label><BR>";
	$output .= "<INPUT id=homepage tabIndex=5 value=\"".$blog_url."\" name=homepage size=50></P>";
	$output .= "<P class=l-mid>如果需要修改密码，请在下面输入您新的密码</P>";
	$output .= "<P class=l-mid><label for=\"password1\">新密码:</label> <BR>";
	$output .= "<INPUT id=password1 tabIndex=7 type=password name=password1></P>";
	$output .= "<P class=l-mid><LABEL for=password2>重复新密码:</LABEL> <BR>";
	$output .= "<INPUT id=password2 tabIndex=8 type=password name=password2></P>";
	$output .= "<P class=l-bottom><INPUT type=submit value=更新 id=submit1></P>";
	$output .= "<span id=\"errormsg\"></span>";
	$output .= "</FIELDSET></form>";
	
	//$objResponse->addAlert($user->user_email);

	$output = iconv( "UTF-8", "GB2312//IGNORE" , $output);
	$objResponse->addAssign("contents-wide","innerHTML",$output);

	return $objResponse;
}

function processEditProfileForm($aFormValues) {
	global $trdb, $user_ID, $user_login;

	$aError = false;
	$bError = false;
	$errorMsg = "";

	$objResponse = new xajaxResponse();

	$email = $aFormValues['email'];
	//$email = iconv( "UTF-8", "GB2312//IGNORE" , $email);
	$email = apply_filters(trim($email));

	$homepage = $aFormValues['homepage'];
	//$homepage = iconv( "UTF-8", "GB2312//IGNORE" , $homepage);
	$homepage = apply_filters(trim($homepage));
	
	$newPass1 = $aFormValues['password1'];
	//$newPass1 = iconv( "UTF-8", "GB2312//IGNORE" , $newPass1);
	$newPass2 = $aFormValues['password2'];
	//$newPass2 = iconv( "UTF-8", "GB2312//IGNORE" , $newPass2);

	//$user_id = get_currentuserid(false);
	get_currentuserinfo();

	if ($email == "")
	{
		$errorMsg .= "请输入邮件地址. ";
		$aError = true;
	}
	if (!eregi("^[a-zA-Z0-9]+[_a-zA-Z0-9-]*(\.[_a-z0-9-]+)*@[a-z??????0-9]+(-[a-z??????0-9]+)*(\.[a-z??????0-9-]+)*(\.[a-z]{2,4})$", $email))
	{
		$errorMsg .= "请输入一个有效的email地址. ";
		$aError = true;
	}

	if (($newPass1 != '')&&(strlen(trim($newPass1)) < 6))
	{
		$errorMsg .= "密码最少需要6位字符. ";
		$bError = true;
	}

	if (($newPass1 != '')&&($newPass1 != $newPass2))
	{
		$errorMsg .= "密码不一致. ";
		$bError = true;
	}

	if (!$aError&&!$bError)
	{
		$email = $trdb->escape($email);
		$homepage = $trdb->escape($homepage);

		if($homepage == 'http://' || $homepage == 'https://')
			$homepage = '';
		
		$request = "UPDATE $trdb->users SET user_email='$email', user_blog='$homepage' WHERE ID=$user_ID";
		$trdb->query($request);

		if($newPass1 != ''){
			
			$newPass1 = $trdb->escape($newPass1);
			$md5_pass = md5($newPass1);
			$request2 = "UPDATE $trdb->users SET user_pass='$md5_pass' WHERE ID=$user_ID";
			$trdb->query($request2);

		}

		// set cookie
		tr_setcookie($user_login, $newPass1);

		$objResponse->addScript("window.location.reload();");

	}
	else{
		$sForm ="<div class=\"form-error\">&nbsp;&nbsp;$errorMsg</div>";
		$sForm = iconv( "UTF-8", "GB2312//IGNORE" , $sForm);
		$objResponse->addAssign("errormsg","innerHTML",$sForm);
		$objResponse->addAssign("submit1","value",iconv( "UTF-8", "GB2312//IGNORE" , "提交"));
		$objResponse->addAssign("submit1","disabled",false);
	}

	return $objResponse;
}

function unfavoritFunc($post_id) {
	global $trdb;
	$objResponse = new xajaxResponse();
	
	if (user_can_edit_profile()) {
		
		$user_id = get_currentuserid(false);
		
		$request3 = "DELETE FROM $trdb->post2user WHERE post_id=$post_id AND user_id=$user_id";
		$trdb->query($request3);
		
		// minus 1 count to favor_count in table posts
		$request = "UPDATE $trdb->posts SET favor_count = favor_count-1 WHERE ID=$post_id";
		$trdb->query($request);
	
		//$objResponse->addAlert('取消收藏该文章成功！');
		$objResponse->addRemove("news-$post_id");
	}
	
	return $objResponse;
}

function processSubmitPlanItem($aFormValues)
{
	global $trdb;
	$objResponse = new xajaxResponse();

	$place_id = $aFormValues['placeidsubmit'];
	//$place_id = iconv( "UTF-8", "GB2312//IGNORE" , $place_id);
	$place_id = trim($place_id);
	$place_type = $aFormValues['placetypesubmit'];
	//$place_type = iconv( "UTF-8", "GB2312//IGNORE" , $place_type);
	$place_type = trim($place_type);

	$content = $aFormValues['content'.$place_type.$place_id];
	//$content = iconv( "UTF-8", "GB2312//IGNORE" , $content);
	$content = filter_bodytext($content);

	$request = "UPDATE $trdb->places SET $place_type = '$content' WHERE ID=$place_id";
	$trdb->query($request);
	//$objResponse->addAlert($content);
	//$content = iconv( "UTF-8", "GB2312//IGNORE" , $content);
	$objResponse->addAssign("description_div".$place_type.$place_id,"innerHTML",$content);

	return $objResponse;
}

function saveNewPlaceTime($input_name,$input_time) {
	global $trdb;
	$objResponse = new xajaxResponse();
	
	$place_id = substr($input_name, 8);
	$date = $input_time." 00:00:00";
		
	$request = "UPDATE $trdb->places SET begin_date  = '$date' WHERE ID=$place_id";
	$trdb->query($request);
	
	//$objResponse->addAlert("new time:$place_id,$date");
	
	return $objResponse;
}

function processSubmitAddPlace($aFormValues)
{
	global $trdb;
	$objResponse = new xajaxResponse();

	$sForm = "<script language=javascript>var date2 = new UncCalendar ();date2.inputName = 'name1';";
	$sForm .= "date2.inputValue = 'today';date2.inputSize = 10;date2.inputClass = \"plandate\";date2.color = \"#71b238\";date2.bgColor = \"#e6facd\";date2.buttonWidth = 60;date2.buttonWords = \"选择日期\";date2.canEdits = false;date2.hidesSelects = true;date2.display();";
	$sForm .= "</script>div<br/>";

	$sForm2 = "var date2 = new UncCalendar ();date2.inputName = 'name1';";
	$sForm2 .= "date2.inputValue = 'today';date2.inputSize = 10;date2.inputClass = \"plandate\";date2.color = \"#71b238\";date2.bgColor = \"#e6facd\";date2.buttonWidth = 60;date2.buttonWords = \"选择日期\";date2.canEdits = false;date2.hidesSelects = true;date2.display();";

	//$objResponse->addAlert($content);
	//$objResponse->addAppend("container2","innerHTML",$sForm);
	
	//$objResponse->addScript($sForm2);

	return $objResponse;
}

function savePlanUser($plan_name, $guid)
{
	global $trdb;
	$objResponse = new xajaxResponse();

	//$plan_name = iconv( "UTF-8", "GB2312//IGNORE" , $plan_name);
	$plan_name = trim($plan_name);
	$plan_name = apply_filters($plan_name);

	$guid = trim($guid);
	$guid = apply_filters($guid);

	// get user data
	$user_login = $_COOKIE['tripreaderuser_' . COOKIEHASH];
	$user = get_userdatabylogin($user_login);
	$user_id = $user->ID;

	$modi_date = date('Y-m-d H:i:s');

	$request = "SELECT COUNT(ID) FROM $trdb->plans WHERE guid='$guid'";
	$number = $trdb->get_var($request);

	if($number==1){
		$request1 = "UPDATE $trdb->plans SET plan_name='$plan_name', user_id=$user_id, post_status='publish', plan_modified='$modi_date' WHERE guid='$guid'";
		$trdb->query($request1);

		$request2 = "SELECT ID FROM $trdb->plans WHERE guid='$guid'";
		$plan_id = $trdb->get_var($request2);

		$redirect_to = get_option('siteurl')."/?planner&view=$plan_id";
		$objResponse->addScript("location='$redirect_to';");
	}

	return $objResponse;
}

function savePlanNoUser($plan_name, $guid)
{
	global $trdb;
	$objResponse = new xajaxResponse();

	//$plan_name = iconv( "UTF-8", "GB2312//IGNORE" , $plan_name);
	$plan_name = trim($plan_name);
	$plan_name = apply_filters($plan_name);

	$guid = trim($guid);
	$guid = apply_filters($guid);

	$modi_date = date('Y-m-d H:i:s');

	$request = "SELECT COUNT(ID) FROM $trdb->plans WHERE guid='$guid'";
	$number = $trdb->get_var($request);

	if($number==1){
		$request1 = "UPDATE $trdb->plans SET plan_name='$plan_name', post_status='publish', plan_modified='$modi_date' WHERE guid='$guid'";
		$trdb->query($request1);

		$request2 = "SELECT ID FROM $trdb->plans WHERE guid='$guid'";
		$plan_id = $trdb->get_var($request2);

		desSession();

		//$objResponse->addAlert($plan_name);
		$redirect_to = get_option('siteurl')."/?planner&view=$plan_id";
		$objResponse->addScript("location='$redirect_to';");
	}

	return $objResponse;
}

function processFavoritPlan($plan_id)
{
	global $trdb;

	$objResponse = new xajaxResponse();

	if(need_auth())
	{
		$objResponse->addScript("location='". get_settings('siteurl') . '/?login&redirect_to=' . urlencode($_SERVER['REQUEST_URI'])."';");
	}
	else
	{
		$post_author = get_currentuserid(false);

		$request0 = "SELECT COUNT(rel_id) FROM $trdb->plan2user WHERE plan_id=$plan_id AND user_id=$post_author";
		$row_number = $trdb->get_var($request0);

		if($row_number==0) {
			// add plan_id rel to user_id in table post2user
			add_to_favorplan($post_author,$plan_id);

			// add 1 count to favor_count in table posts
			$post_favor_date = date('Y-m-d H:i:s');
			$request = "UPDATE $trdb->plans SET favor_count = favor_count+1, post_favor_date='$post_favor_date' WHERE ID=$plan_id";
			$trdb->query($request);
		}
	}

	$request2 = "SELECT favor_count FROM $trdb->plans WHERE ID=$plan_id";
	$favor_count = $trdb->get_var($request2);
	$sForm = "<ul><li><span>已加好评</span> <img src=\"".bloginfo('stylesheet_directory',false)."/img/good_icon.gif\" width=19 height=22>好评:($favor_count)</li></ul>";
	$sForm = iconv( "UTF-8", "GB2312//IGNORE" , $sForm);
	$objResponse->addAssign("plan_stats","innerHTML",$sForm);

	return $objResponse;
}

function saveEditOption($option_ID, $option_value)
{
	global $trdb;
	$objResponse = new xajaxResponse();

	//$option_value = iconv( "UTF-8", "GB2312//IGNORE" , $option_value);
	$option_value = trim($option_value);
	//$option_value = apply_filters($option_value);

	$request1 = "UPDATE $trdb->options SET option_value='$option_value' WHERE option_id=$option_ID";
	$trdb->query($request1);

	$string = "Option'".$option_ID."' - 保存成功";
	$objResponse->addAlert(iconv( "UTF-8", "GB2312//IGNORE" , $string));

	return $objResponse;
}

function saveEditTag($tag_ID, $tag_name, $tag_nicename, $tag_parent, $tag_long, $tag_lati, $zoom_in, $photo_url)
{
	global $trdb;
	$objResponse = new xajaxResponse();

	//$tag_name = iconv( "UTF-8", "GB2312//IGNORE" , $tag_name);
	$tag_name = trim($tag_name);
	$tag_name = apply_filters($tag_name);

	//$tag_nicename = iconv( "UTF-8", "GB2312//IGNORE" , $tag_nicename);
	$tag_nicename = trim($tag_nicename);
	$tag_nicename = apply_filters($tag_nicename);

	//$photo_url = iconv( "UTF-8", "GB2312//IGNORE" , $photo_url);
	$photo_url = trim($photo_url);
	$photo_url = apply_filters($photo_url);

	$request1 = "UPDATE $trdb->tags SET tag_name='$tag_name', tag_nicename='$tag_nicename', tag_parent=$tag_parent, tag_long='$tag_long', tag_lati='$tag_lati', zoom_in='$zoom_in', photo_url='$photo_url' WHERE tag_ID=$tag_ID";
	$trdb->query($request1);

	$string = "Tag:'".$tag_name."'保存成功";
	$objResponse->addAlert(iconv( "UTF-8", "GB2312//IGNORE" , $string));

	return $objResponse;
}

function saveAddTag($tag_name, $tag_nicename, $tag_parent, $tag_long, $tag_lati, $zoom_in, $photo_url)
{
	global $trdb;
	$sForm ="<table><tr><th class=\"short\">&nbsp;</th><th class=\"short\">名称</th><th class=\"short\"><span class=\"info_s\">附属名</span></th><th class=\"short\"><span class=\"info_s\">上级ID</span></th><th class=\"short\"><span class=\"info_s\">经度</span></th><th class=\"short\"><span class=\"info_s\">纬度</span></th><th class=\"short\"><span class=\"info_s\">地图大小</span></th><th class=\"short\"><span class=\"info_s\">图片URL</span></th></tr>";
	$objResponse = new xajaxResponse();

	//$tag_name = iconv( "UTF-8", "GB2312//IGNORE" , $tag_name);
	$tag_name = trim($tag_name);
	$tag_name = apply_filters($tag_name);

	//$tag_nicename = iconv( "UTF-8", "GB2312//IGNORE" , $tag_nicename);
	$tag_nicename = trim($tag_nicename);
	$tag_nicename = apply_filters($tag_nicename);

	//$photo_url = iconv( "UTF-8", "GB2312//IGNORE" , $photo_url);
	$photo_url = trim($photo_url);
	$photo_url = apply_filters($photo_url);

	if(!is_place_exist($tag_name)){

		$request1 = "INSERT INTO $trdb->tags (tag_name,tag_nicename,tag_parent,tag_long,tag_lati,zoom_in,photo_url) VALUES ('$tag_name','$tag_nicename',$tag_parent,'$tag_long','$tag_lati', $zoom_in, '$photo_url')";
		$trdb->query($request1);

		$request2 = "SELECT tag_ID, tag_name, tag_nicename, tag_description, tag_parent,tag_long,tag_lati,zoom_in,photo_url FROM $trdb->tags WHERE tag_name = '$tag_name'";
		$tags = $trdb->get_results($request2);
	
		$tag = $tags[0];
		$sForm .= "<tr class=\"withover\"><td class=\"count\"><span>".$tag->tag_ID."<span></td><td class=\"short\"><input type=\"text\" id=\"sname".$tag->tag_ID."\" name=\"sname".$tag->tag_ID."\" value=\"".$tag->tag_name."\" size=\"10\" /></td><td class=\"short\"><input type=\"text\" id=\"snicename".$tag->tag_ID."\" name=\"snicename".$tag->tag_ID."\" value=\"".$tag->tag_nicename."\" size=\"10\" /></td><td class=\"short\"><input type=\"text\" id=\"sparent".$tag->tag_ID."\" name=\"sparent".$tag->tag_ID."\" value=\"".$tag->tag_parent."\" size=\"5\" /></td><td class=\"short\"><input type=\"text\" id=\"slong".$tag->tag_ID."\" name=\"slong".$tag->tag_ID."\" value=\"".$tag->tag_long."\" size=\"8\" /></td><td class=\"short\"><input type=\"text\" id=\"slati".$tag->tag_ID."\" name=\"slati".$tag->tag_ID."\" value=\"".$tag->tag_lati."\" size=\"8\" /></td><td class=\"short\"><input type=\"text\" id=\"szoom".$tag->tag_ID."\" name=\"szoom".$tag->tag_ID."\" value=\"".$tag->zoom_in."\" size=\"2\" /></td><td class=\"short\"><input type=\"text\" id=\"sphoto".$tag->tag_ID."\" name=\"sphoto".$tag->tag_ID."\" value=\"".$tag->photo_url."\" size=\"70\" /></td></tr>";
	
		$sForm .= "</table>";
		$sForm = iconv( "UTF-8", "GB2312//IGNORE" , $sForm);
		$objResponse->addAssign("addtable","innerHTML",$sForm);
	}
	else
		$objResponse->addAlert(iconv( "UTF-8", "GB2312//IGNORE" , "Tag 已存在!"));

	return $objResponse;
}

function saveDeleteTag($tag_ID)
{
	global $trdb;
	$objResponse = new xajaxResponse();

	$request1 = "DELETE FROM $trdb->tags WHERE tag_ID=$tag_ID";
	$trdb->query($request1);

	$string = "TagID='".$tag_ID."'删除成功";
	$objResponse->addAlert(iconv( "UTF-8", "GB2312//IGNORE" , $string));

	return $objResponse;
}

function searchTag($tag_name)
{
	global $trdb;
	$objResponse = new xajaxResponse();
	$sForm ="<table><tr><th class=\"short\">&nbsp;</th><th class=\"short\">名称</th><th class=\"short\"><span class=\"info_s\">附属名</span></th><th class=\"short\"><span class=\"info_s\">上级ID</span></th><th class=\"short\"><span class=\"info_s\">经度</span></th><th class=\"short\"><span class=\"info_s\">纬度</span></th><th class=\"short\"><span class=\"info_s\">地图大小</span></th><th class=\"short\"><span class=\"info_s\">图片URL</span></th><th class=\"short\">&nbsp;</th><th class=\"short\">&nbsp;</th></tr>";

	//$tag_name = iconv( "UTF-8", "GB2312//IGNORE" , $tag_name);
	$tag_name = trim($tag_name);
	$tag_name = apply_filters($tag_name);

	$request = "SELECT tag_ID, tag_name, tag_nicename, tag_description, tag_parent,tag_long,tag_lati,zoom_in,photo_url FROM $trdb->tags WHERE tag_name LIKE '%$tag_name%'";
	$tags = $trdb->get_results($request);
	$number = count($tags);
	
	for($i=0;$i<$number;$i++)
	{
		$tag = $tags[$i];
		$sForm .= "<tr class=\"withover\"><td class=\"count\"><span>".$tag->tag_ID."<span></td><td class=\"short\"><input type=\"text\" id=\"sname".$tag->tag_ID."\" name=\"sname".$tag->tag_ID."\" value=\"".$tag->tag_name."\" size=\"10\" /></td><td class=\"short\"><input type=\"text\" id=\"snicename".$tag->tag_ID."\" name=\"snicename".$tag->tag_ID."\" value=\"".$tag->tag_nicename."\" size=\"10\" /></td><td class=\"short\"><input type=\"text\" id=\"sparent".$tag->tag_ID."\" name=\"sparent".$tag->tag_ID."\" value=\"".$tag->tag_parent."\" size=\"5\" /></td><td class=\"short\"><input type=\"text\" id=\"slong".$tag->tag_ID."\" name=\"slong".$tag->tag_ID."\" value=\"".$tag->tag_long."\" size=\"8\" /></td><td class=\"short\"><input type=\"text\" id=\"slati".$tag->tag_ID."\" name=\"slati".$tag->tag_ID."\" value=\"".$tag->tag_lati."\" size=\"8\" /></td><td class=\"short\"><input type=\"text\" id=\"szoom".$tag->tag_ID."\" name=\"szoom".$tag->tag_ID."\" value=\"".$tag->zoom_in."\" size=\"2\" /></td><td class=\"short\"><input type=\"text\" id=\"sphoto".$tag->tag_ID."\" name=\"sphoto".$tag->tag_ID."\" value=\"".$tag->photo_url."\" size=\"70\" /></td><td class=\"short\"><input type=\"submit\" value=\"保存\" onclick=\"xajax_saveEditTag(".$tag->tag_ID.",document.getElementById('sname".$tag->tag_ID."').value,document.getElementById('snicename".$tag->tag_ID."').value,document.getElementById('sparent".$tag->tag_ID."').value,document.getElementById('slong".$tag->tag_ID."').value,document.getElementById('slati".$tag->tag_ID."').value,document.getElementById('szoom".$tag->tag_ID."').value,document.getElementById('sphoto".$tag->tag_ID."').value);\" /></td><td class=\"short\"><input type=\"submit\" value=\"删除\" onclick=\"confirmDeleteTag(".$tag->tag_ID.");\" /></td></tr>";
	}
	
	$sForm .= "</table>";
	$sForm = iconv( "UTF-8", "GB2312//IGNORE" , $sForm);
	$objResponse->addAssign("searchtable","innerHTML",$sForm);
	//$objResponse->addAlert($sForm);

	return $objResponse;
}

function deletePlace($place_id)
{
	global $trdb;
	$objResponse = new xajaxResponse();

	$request1 = "DELETE FROM $trdb->places WHERE ID=$place_id";
	$trdb->query($request1);

	$objResponse->addRemove("place".$place_id);

	return $objResponse;
}

function getTagsAjax($track){
	global $trdb, $db_query;
	$objResponse = new xajaxResponse();
	$sForm="";

	$request = "SELECT a.tag_name,a.tag_nicename,count(b.post_id) AS title FROM $trdb->tags a, $trdb->post2tag b,$trdb->posts c WHERE a.tag_id=b.tag_id AND b.post_id=c.ID AND c.post_status='publish' GROUP BY b.tag_id";
	
	$tags = $trdb->get_results($request);
	$numbers = count($tags);
	$track = (int)($track*10);
	
	for($i=0;$i<$numbers;$i++)
	{
		$tag = $tags[$i];
		$tag_name = $tag->tag_name;
		$tag_nicename = $tag->tag_nicename;
		
		$title = $tag->title;
		if($title<=1)
			$level=0;
		elseif($title<=2)
			$level=1;
		elseif ($title<=4)
			$level=2;
		elseif ($title<=8)
			$level=3;
		elseif ($title<=16)
			$level=4;
		elseif ($title<=32)
			$level=5;
		elseif ($title<=54)
			$level=6;
		elseif ($title<=81)
			$level=7;
		elseif ($title<=128)
			$level=8;
		elseif ($title<=256)
			$level=9;
		else
			$level=10;
		
		if($level>=$track)
			$sForm .= " <SPAN class=level$level><A href=\"./?place=$tag_name\" title='$tag_nicename'>$tag_name</A></SPAN>";
	}
	if($sForm=="")
		$sForm .= "<br/>你选的级别太热了，目前还没有这么热的标签，不过你可以<A HREF=\"./?submit\">提交新文章</A>把这里炒炒热~~~";

	//$objResponse->addAlert($track);
	$sForm = iconv( "UTF-8", "GB2312//IGNORE" , $sForm);
	$objResponse->addAssign("cloud","innerHTML",$sForm);
	return $objResponse;
}

?>